<?php

if (!defined('TOBBIVM'))
	header('location:/template/notrepassing.php');
/**
 * This file is part of TobbiVMShop.
 *
 * TobbiVMShop is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * TobbiVMShop is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with TobbiVMShop.  If not, see <http://www.gnu.org/licenses/>.
 */
/**
 * Verify and save data from payment-editorpage
 * used from payment.page.editor.php
 * call from payment.page.php
 *
 * @author Norbert Gebert
 * @copyright Norbert Gebert 25.09.2011
 * @license GPL3
 *
 * @version 0.5b
 * @package Admin
 * @subpackage page
 */
$mysqlBuffer = '';

$idx = $refValidate->testNumber($_POST['idx'], '');
$namex = $refValidate->cleanslash($_POST['namex'], '');
$valuex = $refValidate->cleanslash($_POST['valuex'], '');

if (!$idx or !$namex or !$valuex)
{
	message::setErrorRow(_('Submitted Data are wrong format or invalid.') . '<br>' .
		_('No data could be saved!'), TRUE);
}
else
{
	$query = "UPDATE payment SET ";

	// order
	$datax = $refValidate->testNumber($_POST['orderx'], _('Ordernumber not valid'));
	if ($datax and intval($datax) >= 1 and intval($datax) <= 99999999999)
		$query .= "payment_order = '" . $datax . "', ";

	// name
	$datax = $refValidate->testText($_POST['namex'], _('Name not valid'));
	if ($datax)
		$query .= "payment_name = '" . $datax . "', ";

	// value
	$datax = $refValidate->cleanslash($_POST['valuex']);
	if ($datax)
		$query .= "payment_value = '" . str_replace(',', '.', $datax) . "', ";

	// table
	$datax = $refValidate->testText($_POST['texty'], _('Text not valid'));
	if ($datax)
		$query .= "payment_table = '" . $datax . "', ";

	// Config-Data
	db::getInstance()->where('payment_id', $idx);
	$payment_config = db::getInstance()->getOne('payment');

	if (!empty($payment_config['payment_config']))
	{
		$config = array();
		$config = explode('|', $payment_config['payment_config']);
		$rowInput = array();
		$rowx = array();
		$buffer = '';

		foreach ($config as $row)
		{
			$rowx = explode(':', $row);
			$buffer .= $rowx[0] . ":" . $refValidate->cleanslash($_POST[$rowx[0]], '') . "|";
		}
		$buffer = substr($buffer, 0, -1);
		;
		$query .= "payment_config = '" . $buffer . "', ";
	}

	// file
	$datax = $refValidate->testText($_POST['filex'], _('Text not valid'));
	if ($datax)
	{
		$file = '../plugins/payment/' . $datax . '.payment.php';
		if (is_file($file))
		{
			$query .= "payment_file = '" . $datax . "', ";
		}
		else
		{
			message::setErrorRow(_('Payment file not found!<br>File: ') . $file, true);
			$errorCounter++;
		}
	}

	// activ
	if (isset($_POST['activex']))
	{
		$query .= "payment_active = '1' ";
	}
	else
	{
		$query .= "payment_active = '0' ";
	}

	db::getInstance()->where('payment_id', $idx);
	$result = db::getInstance()->getOne('payment');

	if (db::getInstance()->count >= 1)
	{
		db::getInstance()->rawQuery($query . " WHERE payment_id = '" . $idx . "'");
		message::setNoteRow(_('Data successful saved.'), TRUE);
	}
	else
	{
		message::setErrorRow(_('No data could be saved!'), TRUE);
	}
}
?>